Hijacking & Spoofing Context Menu Options
https://mrd0x.com/sentinelone-persistence-via-menu-context
https://mrd0x.com/sentinelone-persistence-via-menu-context
Code injection on Android without ptrace
https://erfur.github.io/blog/dev/code-injection-without-ptrace
https://erfur.github.io/blog/dev/code-injection-without-ptrace
P/Invoke definitions from the now offline pinvoke•net
https://github.com/ricardojoserf/p-invoke.net
The Gitbook: https://www.p-invoke.net
https://github.com/ricardojoserf/p-invoke.net
The Gitbook: https://www.p-invoke.net
DefenderYara: Extracted Yara rules from Windows Defender mpavbase and mpasbase
https://github.com/roadwy/DefenderYara
https://github.com/roadwy/DefenderYara
UAC-0050, Cracking The DaVinci Code
https://blog.bushidotoken.net/2024/03/tracking-adversaries-uac-0050-cracking.html
https://blog.bushidotoken.net/2024/03/tracking-adversaries-uac-0050-cracking.html
ByassX: The Swiss army knife of evasion tool that bypasses AMSI, Applocker, and CLM mode simultaneously
https://github.com/vulnableone/BypassX
https://github.com/vulnableone/BypassX
IndicatorOfCanary: is a collection of PoCs from research on identifying canaries in various file formats
https://github.com/HackingLZ/IndicatorOfCanary
https://github.com/HackingLZ/IndicatorOfCanary
pgAdmin (<=8.3) Path Traversal in Session Handling Leads to Unsafe Deserialization and Remote Code Execution (RCE)
https://www.shielder.com/advisories/pgadmin-path-traversal_leads_to_unsafe_deserialization_and_rce
https://www.shielder.com/advisories/pgadmin-path-traversal_leads_to_unsafe_deserialization_and_rce
MacOs Malware Dev
https://0xf00sec.github.io/2024/03/09/MacOs-X
OSX-Injection:
https://github.com/0xf00sec/OSX-Injection
https://0xf00sec.github.io/2024/03/09/MacOs-X
OSX-Injection:
https://github.com/0xf00sec/OSX-Injection
EquationToolsGUI: scan and verify MS17-010, MS09-050, MS08-067 vulnerabilities
https://github.com/abc123info/EquationToolsGUI
https://github.com/abc123info/EquationToolsGUI
CVE-2024-1403 Progress OpenEdge Authentication Bypass
https://github.com/horizon3ai/CVE-2024-1403
https://github.com/horizon3ai/CVE-2024-1403
First in-the-wild 0-day of 2023 🔥 CVE-2023-21674 is a vulnerability in Windows Advanced Local Procedure Call (ALPC) that could lead to a browser sandbox escape and allow attackers to gain SYSTEM privileges
https://github.com/hd3s5aa/CVE-2023-21674
https://github.com/hd3s5aa/CVE-2023-21674
Unknown Nim Loader using PSBypassCLM
https://medium.com/walmartglobaltech/unknown-nim-loader-using-psbypassclm-cafdf0e0f5cd
https://medium.com/walmartglobaltech/unknown-nim-loader-using-psbypassclm-cafdf0e0f5cd
Behind the Code: Assessing Public Compile-Time Obfuscators for Enhanced OPSEC
https://trustedsec.com/blog/behind-the-code-assessing-public-compile-time-obfuscators-for-enhanced-opsec
https://trustedsec.com/blog/behind-the-code-assessing-public-compile-time-obfuscators-for-enhanced-opsec
WinSOS: This technique utilizes executables within the WinSxS folder, commonly trusted by Windows, to exploit the classic DLL Search Order Hijacking method
https://github.com/thiagopeixoto/winsos-poc
https://github.com/thiagopeixoto/winsos-poc
Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance
https://github.com/subat0mik/Misconfiguration-Manager
https://github.com/subat0mik/Misconfiguration-Manager
CVE-2024-21378 RCE in Microsoft Outlook
https://www.netspi.com/blog/technical/red-team-operations/microsoft-outlook-remote-code-execution-cve-2024-21378
https://www.netspi.com/blog/technical/red-team-operations/microsoft-outlook-remote-code-execution-cve-2024-21378
HuffLoader: Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Ldr
https://github.com/0xHossam/HuffLoader
https://github.com/0xHossam/HuffLoader